![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 15%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Exchange | Exchange Server | Management
The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 19%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Please note that we're not Microsoft support, this is a user-to-user support forum. Moderators have no backend access and cannot directly intervene in Microsoft products. We provide only technical guidance and best-practice recommendations based on reported issues
From this article, Addressing Exchange Server May 2026 vulnerability CVE-2026-42897 | Microsoft Community Hub, Microsoft disclosed CVE-2026-42897, a reported vulnerability affecting Exchange Outlook Web Access (OWA).
So OWA might have some unexpected behavior, especially when mitigation is applied. May I ask did you apply the mitigation?
If yes, there are a few known issues when mitigation is applied:
As for now, Microsoft is working on and will release and announce a security update for impacted versions of Exchange Server in the future. Update will be released for Exchange SE RTM, Exchange 2016 CU23, Exchange Server 2019 CU14 and CU15 (if you are running older CU versions, please update now).
Exchange 2016 and 2019 updates will be released only to customers who are enrolled in the Period 2 Exchange Server ESU program as per Announcing Period 2 Exchange 2016/2019 Extended Security Update (ESU) program. Period 1 only ESU customers will not receive this update as that ESU program ended in April 2026.
I hope this information helps.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.